Web Hosting Talk : Web Hosting Main Forums : Hosting Security and Technology : Forums Hacking

[H_Admin]

Hi,

Alot of VB forums have hacking every day
In fact All hackers couldn't hack databases or files

They only edit one template in style like header or forumhome
So Uploading style again resolve the problem
But How can I disallow them to to edit templates

Any functiond to disable or rule for mod_sec ?

[Ramprage]

What version of the forums are being affected? Are you using the latest ones provided by vbulletin?

[ISPserver]

You can change owner for file. And scripts will can not edit file. But hacker can modify anything else.

But best way always update forum to latest version.

[H_Admin]

All version of the forums are being affected, and in the same way
Editing forumhome template or header

[E-Learning]

even if you update the version ! there is nothing to stop this issue !!

you need to check your script[s] folder ...

see if there any upgrade or check them name[s] # milw0rm.com

if there any new vul bug you should see around and patch it

i dont think there is a 0-day for vb ! and you cannot never stop them to editing your template becouse there is alot of ways to edit the index.php from db Sql or template or upload any index if they have the permission ...

and be carefull if you make your config passwd like the same passwd for your Cpanel ...

now you should
1- be sure your passwd for Cpanel not in your config[s] files ...
2- update all your script[s] and make # milw0rm.com your homepage for security resons ...
3- upload a phpshell script and see your SAFE MODE:ON / OFF , if your SAFE MODE OFF = i think mybe the attacker came from other account to your vb ...

and check the php function[s] two ....

finally you got hacked mybe 95% from your server or any bug in your site ...
be sure it's not from VB version ...

let us know what happen ...
cheers !.